Security News > 2020 > January > Hanna Andersson Data Breach: Hackers Compromise Website of Children's Clothier
Portland, Oregon-based children's clothing maker Hanna Andersson has quietly disclosed a breach to affected customers.
According to the breach notification letter, the "Incident potentially involved information submitted during the final purchase process on our website, www.hannaandersson.com, including name, shipping address, billing address, payment card number, CVV code, and expiration date." These details are often known on the dark web as 'fullz'; that is, the data contains all the information necessary for a criminal to make fraudulent purchases via the internet.
The Hannah Andersson breach has not been confirmed as a Magecart attack, but such attacks generally involve the insertion of malicious skimmer code into the victim company's payment code.
Hanna Andersson is providing no details of the attack.
"We can definitively state," says the Verizon 2019 Payment Security Report, "We have never reviewed an environment or investigated a PCI data breach involving an affected entity that was truly PCI DSS compliant." Coincidentally, this report was published at the very end of the Hanna Andersson breach.
News URL
Related news
- Fortinet confirms data breach after hacker claims to steal 440GB of files (source)
- Dell investigates data breach claims after hacker leaks employee info (source)
- ADT confirms data breach after customer info leaked on hacking forum (source)
- CSC ServiceWorks discloses data breach after 2023 cyberattack (source)
- How to Prevent Your First AI Data Breach (source)
- Toyota confirms third-party data breach impacting customers (source)
- National Public Data Breach: Only 134 Million Unique Emails Leaked and Company Acknowledges Incident (source)
- CannonDesign confirms Avos Locker ransomware data breach (source)
- Patelco notifies 726,000 customers of ransomware data breach (source)
- Nearly 1/3 of Companies Suffered a SaaS Data Breach in Last Year (source)